Research Blog

Welcome to our cybersecurity research blog where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

Here you’ll find extensive research and insight from the well-known Horizon3.ai attack team, intuitive perspectives on everything security, and real-world attack path short stories that come directly from discoveries made by NodeZero.



Showing 133–137 of 137 results

Coming Changes in the Security Landscape

I’m sharing this because I believe it is relevant to ongoing decisions in this community. I’m in a senior leader cyber group and got the chance to follow the headliner yesterday on Vulnerability Assessment tools. I lit them up, and had a CEO reach out to me afterwords on LI…here’s the conversation: Hi Monti, Thank you for your thoughts on...
Read More

Purple Teams

Purple teaming is the result of collaboration, communication and sharing of information between a red team and a blue team in an effort to improve the overall security posture of an organization. How organizations comprise these components may vary, but for context, a Red team is the offensive security team. They are trained in the tools, Tactics, Techniques and Procedures...
Read More

Unauthenticated XSS to Remote Code Execution Chain in Mautic < 3.2.4

Mautic is widely used open source software for marketing automation. While researching the application and its source code on Github, we discovered an attack chain whereby an unauthenticated attacker could gain remote code execution privileges on the server hosting Mautic by abusing a stored XSS vulnerability. The issues raised in this post, CVE-2020-35124 and CVE-2020-35125, have been fixed in Mautic...
Read More

CVE-2020-29437: Authenticated SQL Injection in OrangeHRM <

OrangeHRM is software for Human Resource Management (HRM). In a routine audit of the open source version of OrangeHRM, we discovered a SQL injection vulnerability in the "Buzz" module, an integrated social media tool within the software. Authenticated low privilege users can use this vulnerability to disclose the full contents of the OrangeHRM database, including sensitive user personal information and...
Read More